Jump to content
Sign in to follow this  
girl

No Information Email

Recommended Posts

In my original research, I just looked up stuff that pertained to me at the time. Which wasn't gmail.

Do you think that if I use gmail for a bit (it's working now...) that it will let the numbers die down and then switch back? Or are the numbers that are being counted not the daintyrose smtp, but the full berry ones that keep going up and I can't do a thing about it but... keep getting blocked and never ever ever use my domain email that I've used for years again?

(you know, "people like me" who use gmail for the smtp server are probably why spam gets sent from there... maybe gmail should make that not allowed. you know, after I'm done using it to email people until I get my domain fixed that is)

Share this post


Link to post
Share on other sites
Do you think that if I use gmail for a bit (it's working now...) that it will let the numbers die down and then switch back?

One, it doesn't appear that we are on track.

Two, switch back ...????

You can check the number yourself, I've posted the links ....

Hmmm, and now we have some possible oddities .. you say you've done some configuration changes on your computer ... coincidence that the numbers on the IP address in question are now going down?

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day ........ 4.7 .. 2632%

Last 30 days .. 3.7 .... 189%

Average ........ 3.3

Or are the numbers that are being counted not the daintyrose smtp,

The output server for your Domain has yet to be identified.

but the full berry ones that keep going up and I can't do a thing about it but... keep getting blocked and never ever ever use my domain email that I've used for years again?

I'm confused, I think you're confused. I believe your "Domain e-mail" never went out because you had things configured 'wrong' on your system. You say you configured the SMTP account for it, then you say you changed that to use GMail instead ...???/

(you know, "people like me" who use gmail for the smtp server are probably why spam gets sent from there... maybe gmail should make that not allowed. you know, after I'm done using it to email people until I get my domain fixed that is)

It's my belief that if you configure that (Domain) e-mail account (on your system) to use the appropriate SMTP server, it will actually work ....

All this "bad" data has been based on the IP address of a computer that (in my opinion) is not supposed to be sending out e-mail at all ....

Share this post


Link to post
Share on other sites
...So then I set up daintyrose to to use gmail's smtp.

Last question, do you think I should keep daintyrose using gmail's smtp, or switch it back after a while?

I'm still unclear what mail server was listed in the first place.

If you were having messages rejected with an error then that should have given you the IP address that was being blocked.

Now, it is good you've managed to by-pass the problem by using the Gmail smtp server. A great temporary solution. But as Wazoo implies, Gmail is well known for becoming listed from time to time. Largely because they are a free, public access service and are easily abused. I believe the Gmail tech people work well at tackling abuse but they face an uphill battle.

So you would be well advised to get your smtp set up in such a way that you avoid this problem. What about mail.daintyrose.net? Can you do SMTP AUTH through your own mail server?

Andrew

Share this post


Link to post
Share on other sites
I'm still unclear what mail server was listed in the first place.

(in my opinion) "the gateway" computer that has been provided to handle 'net' connections for the students ..... it isn't an e-mail server, but is sending mail from compromised computers on the 'student' side of the network ....

Share this post


Link to post
Share on other sites
(in my opinion) "the gateway" computer that has been provided to handle 'net' connections for the students ..... it isn't an e-mail server, but is sending mail from compromised computers on the 'student' side of the network ....

The smtp server I was using in the first place was my daintyrose server.

And yeah, it is weird that the numbers went down, but you also checked it at night, and late at night too (for once I stayed up late). What could I be doing that it would be me and how can I fix this?

I realize that google's server is not the best solution, I would rather go back to using my domain's smtp server but that just didn't work for whatever reason and google's did. At this point in my week I'm at a "do what works" level, don't think ahead, just finish the work you have due tomorrow, baby steps.

Trust me. If I knew enough about what I was talking about to express it clearer to you, I'd say it like that! :)

Share this post


Link to post
Share on other sites
Trust me. If I knew enough about what I was talking about to express it clearer to you, I'd say it like that!

My feeling is that you probably need help from someone who does understand these issues.

For whatever, reason your mail server is passing messages through a compromised machine. That needs serious attention. I'd find a competent person to assist you resolve this issue.

Andrew

Share this post


Link to post
Share on other sites
The smtp server I was using in the first place was my daintyrose server.

Sorry, but there is no evidence of that anywhere in the Topic/Discussion.

You say late in the story that you in fact did reconfigure Thunderbird to actually use it, but then changed that to also use GMail's servers.

I have stated several times in here .. the outgoing e-mail server for your Domain has yet to be identified ...

And yeah, it is weird that the numbers went down, but you also checked it at night, and late at night too (for once I stayed up late). What could I be doing that it would be me and how can I fix this?

Yet again, I am stating my belief that the 'computer' that is actually sitting at the IP address of 70.159.7.113 is shared by numerous students .. not just your use alone .... I'm also suggesting/stating that you have a whole bunch of fellow students with infected/compromised computers. But the truth to any of this has to come from someone that is actually in control (?) of that network.

I get the feeling that you are not following any of the links provided. Steve Gibson's NAT router page was of no value to you? I've got countless other reference pages on networking, but none are as 'pretty' and non-geeky as that one ....

I realize that google's server is not the best solution, I would rather go back to using my domain's smtp server but that just didn't work for whatever reason and google's did. At this point in my week I'm at a "do what works" level, don't think ahead, just finish the work you have due tomorrow, baby steps.

Trust me. If I knew enough about what I was talking about to express it clearer to you, I'd say it like that! :)

I state again, from the data provided before, you were never using your "Domain's e-mail server" (other than the apparent short time that you did configure it, but then reconfigured it again ...?????)

Per the FAQ at http://ev1.net/english/faq/index.asp .. your hosted account there includes;

I know that Plesk 7 Reloaded comes with a range of email applications, what will I have access to?

Our virtual accounts come with POP3, IMAP and SMTP email servers, in addition to a full webmail client. You will get unlimited email accounts, along with mailing lists and autoresponders. By utilizing the Plesk 7 Reloaded platform, we can also offer you the Dr. Web Antivirus software and SpamAssassin spam filtering.

http://my.ev1.net/english/support/webhosting/email.asp offers some clues ....

Point is that your e-mail from that "Domain account" should be seen using one of the listed 202 e-mail servers showing at http://www.senderbase.org/search?searchString=ev1.net ....(admitting that this is just a starting point, there could be other servers involved)

Share this post


Link to post
Share on other sites

The smtp server I was using in the first place was my daintyrose server.

OK, What was that IP address and what was the resulting error message or were your messages simply disappearing into the ether.

Share this post


Link to post
Share on other sites

I can follow those links all I want, but why would I ever talk about them if they didn't help me a lick 'cause I didn't see how they helped me because I couldn't comprehend how that information helps me email people?

I was using Daintyrose SMTP the whole time. I know perception may be reality, but just because I didn't think it was important enough to spell that out doesn't mean that's not what I was doing.

Steven, Thanks again for the help! :) I'm not sure what the ip for daintyrosesmtp off the top of my head is (Is it different from the domain itself? that's 67.15.104.25), or how to find it, but I did -just- email my host and when I get back from class, I should have an email telling me! I got an error message saying something like... "An error occured while sending mail. The mail server responded: 5.3.0 Rejected - see http://www.spamcop.net. Please verify that your email address is correct in your mail preferences and try again." I use Thunderbird. I had two email addresses using the daintyrosesmtp and they both had that error message. One of those same email addresses had the possibility of being webmail, and when I used it on webmail it was fine.

Merlyn, "a sonic wall firewall" as in the program "Sonic Wall" because all students are required to install that at Berry. I mean, I haven't because I've got linux and I can't, so the tech people set me up something where I can get on the network without it checking it see if I've got Sonic Wall installed or not (if you don't have it installed, the network wont let you on). We really hate the program... I think it monitors our activity. I have dual boot windows and that half has Sonic Wall, but I never get on it 'cause I'm scared they're gonna see all the stuff I look at. -_-'

Share this post


Link to post
Share on other sites
I'm not sure what the ip for daintyrosesmtp off the top of my head is (Is it different from the domain itself? that's 67.15.104.25), or how to find it

If you could send email to send email to Steven through that connection, then he could help you...but that seems to have failed, correct? Send me a PM on this forum and I'll give you some addresses you can try sending to.

I got an error message saying something like...

"something like" isn't going to help...we need the *whole* error, because those errors usually also give the IP address in question.

"An error occured while sending mail. The mail server responded: 5.3.0 Rejected - see http://www.spamcop.net. Please verify that your email address is correct in your mail preferences and try again."

Is this appearing as an "interactive" message that pops up on your screen, or is it in an email that you receive immediately upon trying to send?

DT

Share this post


Link to post
Share on other sites

Steven, Thanks again for the help! :) I'm not sure what the ip for daintyrosesmtp off the top of my head is or how to find it

First: What do you you enter into your email program when you are using the daintyrose SMTP server that used to work? We can determine the IP address from that answer.

Second: You state you will received "something like" and then quote a line. ("An error occured while sending mail. The mail server responded: 5.3.0 Rejected - see http://www.spamcop.net. Please verify that your email address is correct in your mail preferences and try again.") Is that the exact message you receive every time you try to send email through daintyrose SMTP? That message is not complete as it should also indicate the IP address causing the block.

If you got that message when trying to email my spamcop address earlier in this thread, then it is likely the Daintyrose SMTP is using spamcop on your incoming connection and rejecting it because of the Berry.edu listing.

Share this post


Link to post
Share on other sites
I can follow those links all I want, but why would I ever talk about them if they didn't help me a lick 'cause I didn't see how they helped me because I couldn't comprehend how that information helps me email people?

Item 1: explanation for the various IP addresses you were voming up with, being advised of, allegedly looking for ...

Item 2: explanation of what a router is and how it's used

Item3: the hope that with more kowledge, more facts would also become more apparent

I was using Daintyrose SMTP the whole time. I know perception may be reality, but just because I didn't think it was important enough to spell that out doesn't mean that's not what I was doing.

Please re-read my Linear post #12 in this Topic. The use of "Port 0" suggests oto me that you were not using the SMTP service at daintyrose. The 'instructions' I posted a link to in my Linear Post #32 are far from complete, but .... As I stated, the 'nornal' Port for SMTP is 25, not 0 ....

I also stated that the error message you have repeatedly 'shown' is not 'standard' either. The identification of the SpamCopDNSBL is incomplete, but the additional data of "check your e-mail preferences/address" has nothing to do with the SpamCopDNSBL ..... I'm almost willing to believe that you are seeing multiple error messages, but you're combining them 'for us' ...???

Steven, Thanks again for the help! :) I'm not sure what the ip for daintyrosesmtp off the top of my head is (Is it different from the domain itself? that's 67.15.104.25), or how to find it, but I did -just- email my host and when I get back from class, I should have an email telling me! I got an error message saying something like... "An error occured while sending mail. The mail server responded: 5.3.0 Rejected - see http://www.spamcop.net. Please verify that your email address is correct in your mail preferences and try again." I use Thunderbird. I had two email addresses using the daintyrosesmtp and they both had that error message. One of those same email addresses had the possibility of being webmail, and when I used it on webmail it was fine.

Have you fone through the configuration process once again to actually define the daintyrose SMTP server settings ... and then selected a daintyrose e-mail address as the sender of one of these test e-mails?

Here's what I'm thinking ....

Your post #1: "I use my school's Exchange server with pop3 in thunderbird"

My post #8: I posted the listed/identified output servers seen by SenderBase for berry.edu, included the MX (incoming) for daintyrose, showed some of the ev1/mochahost outgoing servers ...

Your post #10: "Both my personal email account, ... and my school email account. And blocked while sending to my school. I test sending it to myself (personal to personal) and it gets blocked). I just get blocked." ..... suggesting that all e-mail attempts were actually going out/coming in via the same path .. specifically using the same SMTP server service to try to go out ....

Your post #10: "I have a smtp (just one) with mail.daintyrose.net love[at]daintyrose.net being the username, 0 being the port and no authentication." ..... that would work for POP just fine, however the link I provided to the FAQ at http://my.ev1.net/english/support/webhosting/email.asp has a major caveat on the SMTP service .... did you look at that page?

StevenUnderwood's post #20: (and responded to in my post #23) received an e-mail "from" a berry.edu IP address that was not listed in the SpamCopDNSBL. You further indicate that this e-mail was sent via the berry.edu web-mail application.

Your post #21: "I do not like using the online interface, so I took the Berry thing, figured out how to pop it. That SAME EMAIL account does NOT work when I pop it (spamcop message) but DOES work when I use it online (as you can see)." ........ seems to actually state that you did "not" figure out how to POP a web-mail application ... I think???

Your post #21: "I send that same email message from love[at]daintyrose.net from pop and apparently you didn't get it. That's my bigger issue, the "completely broken" email address, if you will." .... still no idea as to just what SMTP service you are/were trying to use ....

Your post #21: "Send directly from a pc? Is that what I've been doing using smtp? (if so I've been doing it for years and haven't gotten "caught") If I have to set something up differently for my love[at]daintyrose.net, Berry will not give me any support for it. Do you have any suggestions?" .... well, as the ev1 FAQ page says you can't use their SMTP service unless you are 'dialed in to them" and you state that berry.edu 'wants' you to use the web-mail application, there is a hint that the only way you have been able to 'send' e-mail thus far has been from your own computer ....????

Your post #24: "I got on gmail and told gmail to pop again, and set up gmails pop on my thunderbird and then set up a second smtp so that gmail was on gmail's smtp and daintyrose was on daintyrose's. Yeah, you don't have to be advanced to do that, I don't know what Thunderbird was talking about. Anyway, gmail worked fine. So then I set up daintyrose to to use gmail's smtp." ...... Having said all that, I'm wondering how & why GMail is letting you get away with that, actually (without using a GMail address/account to login, etc.) One would also assume that neither of these settings use "Port 0" in their (successful) configuration ...???

Your post #30: "The smtp server I was using in the first place was my daintyrose server." ..... I'm still not convinced of that, especially when their FAQ says no, no e-mail has yet been seen "from" that address/server ..... and again, that "Port 0" thing ...

Bottom line: I still believe you have been sending mail via your Ubantu SMTP sevice ....

Share this post


Link to post
Share on other sites

Wazoo: I don't know how you're helping me. Make another long post that doesn't help me but just quotes me over and over again. And no, I was NOT sending though the UbUntu smtp service. To do advanced linux things (aka, use ubuntu not as a desktop os, because it's meant to be a desktop os) you have to install extra packages. Which I would have consciously done, and I haven't.

David, thanks for the attention. :) Since I just changed the smtp from daintyrose to google and it works, I wasn't able to check the error message a second time (I wrote it out in a previous post and also typed it on my computer). If there's any errors there... it's in punctionation. I probably should have said that. I said "something like" cause I didn't want anyone putting that in an overly sensitive search engine, I had put an extra space between a dash (oh no!) and it didn't come up or something crazy like that. I'm also so anal about stupid this like that because I correct bibliographies for my professors. -_-'

The reason I had to TYPE it out instead of copy and paste like a normal, sane, person would try to do is because, yes, it came up in a little interactive pop up and not an email. So, it may very well be that Thunderbird edited the message.

And you're correct, when I sent Steven an email using daintyrosesmtp, I got the error message and he didn't get an email. (though he eventually did get an email because I emailed him using webmail)

Steven, "If you got that message when trying to email my spamcop address earlier in this thread, then it is likely the Daintyrose SMTP is using spamcop on your incoming connection and rejecting it because of the Berry.edu listing." Call me a dummy but I don't really understand what that means... or what I can do to fix it.

the Daintyrosesmtp settings are just... smtp.daintyrose.net? On my desktop I was using port 0 (like I had typed earlier) but later I switched to my laptop (my linux ati driver is on the fritz on top of all of this ><) and noticed that I'm using port 25.. but it still doesn't work. There aren't any other numbers in my settings besides the port number... so definately no plain out ip and I don't no how to turn smtp.daintyrose.net to an ip.

And yes, just in case you're only reading the section devoted to you ( I do that sometimes ) I'll type it again, that message was correct, at least in words. Some of the punctuation was right. But that's all it said, I didn't paraphase. And I'm pretty sure I got the punctuation right... But I just switched from daintyrosesmtp to googlesmtp so I'd have to change back to reproduce the error message.

Share this post


Link to post
Share on other sites

Short post:

daintyrose via mochahost via ev1 says you can't use their SMTP server unless you 'dialed in' directly

use of Port 0 on your system indicates that you are using the SMTP service on "your" computer, which is in fact available in your Ubantu distribution

the "check your e-mail address/settings" message also suggests that you are trying to send mal through a erver (somewhere) with the wrong credentials

the "blocked by spamcop" notification should have only been found in an e-mail .... showing up on-screen as an 'error message' just makes very little sense, never mind not being able to come up with a clue as to just what would be involved in writing n application to have a dialog such as that available ...

Share this post


Link to post
Share on other sites

the Daintyrosesmtp settings are just... smtp.daintyrose.net? On my desktop I was using port 0 (like I had typed earlier) but later I switched to my laptop (my linux ati driver is on the fritz on top of all of this ><) and noticed that I'm using port 25.. but it still doesn't work. There aren't any other numbers in my settings besides the port number... so definately no plain out ip and I don't no how to turn smtp.daintyrose.net to an ip.

Per http://www.dnsstuff.com/tools/lookup.ch?na....net&type=A

No A records exist for smtp.daintyrose.net, and smtp.daintyrose.net does not exist.
You can not simply put SMTP in front of a host name to make a valid SMTP host. There is a valid server at mail.daintyrose.net. A IN 86400 67.15.104.25. You should try that instead. It does support AUTHenticated sending.

I just sent a small test to 12345tester67890[at]daintyrose.net and it was accepted, so the server is working.

Share this post


Link to post
Share on other sites
I just sent a small test to 12345tester67890[at]daintyrose.net and it was accepted, so the server is working.

Does that also mean that a "catchall" email situation exists at Daintyrose.net? I certainly hope not, or you'll be receiving TONS 'o spam.

BTW, your host is "MochaHost" and here's the SMTP entry from their Knowledgebase:

Your incoming (POP3/IMAP) & outgoing mail (SMTP) server name is:

mail.yourdomain.com

Where you need to replace yourdomain.com with your actual domain name

Here's an even more important MochaHost Knowledgebase article, titled Problems sending emails using MochaHost's mail server (SMTP Restrictions):

http://www.mochasupport.com/sys/faq/index....&artlang=en

DT

Share this post


Link to post
Share on other sites

Short post:

daintyrose via mochahost via ev1 says you can't use their SMTP server unless you 'dialed in' directly

use of Port 0 on your system indicates that you are using the SMTP service on "your" computer, which is in fact available in your Ubantu distribution

the "check your e-mail address/settings" message also suggests that you are trying to send mal through a erver (somewhere) with the wrong credentials

the "blocked by spamcop" notification should have only been found in an e-mail .... showing up on-screen as an 'error message' just makes very little sense, never mind not being able to come up with a clue as to just what would be involved in writing n application to have a dialog such as that available ...

Then I'm totally makin' up stuff from my butt just for fun! Really, earlier this week, I said, "I should find a cool website I've never heard of before, tell them some lies, day after day after day, taking up my time, just for fun."

Steven, Yeah -_-' If I had been left to my own devices to set up my emal again, I would have set it up smtp.daintyrose.net like a blonde, but it's mail.daintyrose.net. I tried auth with ___ but it just wouldn't do anything, just kept saying sending. Then I tried to auth with TLS and it said something like it couldn't talk to the server (I've had this before and it's why I chose no auth) but TLS, if availiable works, and puts me at port 25.

So I tested it ("it" being I switched daintyroseemail to daintyrose smtp and sent an email) out, just in case the problem went away, and it magically gave me.. a new error message! Hey, this one includes an ip (or a SonicWall ip which I TOTALLY think that's what it is) in a convoluted way...

"The size of the message you are trying to send exceeds the global size limit of the server. The message was not sent, try to reduce the message size and try again. The server responded: 5.7.1 spam Blocked: See http://www.spamcop.net/bl.shtml?70.159.7.113"

That's a much more helpful error message. Wish I got it earlier. It's still in the pop up box thing. And the email wasn't "too long" it was like a sentence of text sent in text format (I hate html emails). I've since changed the smtp of that email back to gmail, just to cut anything off.

Who's been sending infected emails while that address wasn't connected to that smtp?

DavidT, "catchall"? There is an administrator email. I don't ever check it. I had Mochahost delete everything from it recently. It actually wasn't mostly spam when I looked though webmail. Someone had spammed my blog, and I had set up my blog to tell me whenever anyone trackbacked on commented...

...I had always wondered where those indicator emails went. Now I know. *blush* As you see above, I tried to Auth when sending out but it just... didn't work. The TLS, if available did, of course, but I'm guessing only because of the "if available" clause.

Share this post


Link to post
Share on other sites

The bad news is that you deffinitely have a virus/trojan infected machine on that network, it made it to other famous block lists:

Real-time blacklists [ Click to view all ] 
 dnsbl.sorbs.net Web - http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=70.159.7.113   
 bl.spamcop.net http://spamcop.net/w3m?action=checkblock&amp;ip=70.159.7.113   
 cbl.abuseat.org http://cbl.abuseat.org/lookup.cgi?ip=70.159.7.113  

The sender base numbers show a tremendous increase:

Report on IP address: 70.159.7.113  

Volume Statistics for this IP  
 Magnitude Vol Change vs. Average 
Last day 4.6 1731% 
Last 30 days 3.8 152% 
Average 3.4 


The newest reports seem to have a virus subject line:

Submitted: Friday, October 06, 2006 7:32:07 AM -0400:

Re: warning

1953856747 ( 70.159.7.113 ) To: thisisspam[at]bellsouth.net

1953856739 ( 70.159.7.113 ) To: abuse[at]bellsouth.net

--------------------------------------------------------------------------------

Submitted: Wednesday, October 04, 2006 2:44:45 PM -0400:

Fwd: YOUR LETTER

1951203217 ( 70.159.7.113 ) To: spamcop[at]imaphost.com

1951203209 ( 70.159.7.113 ) To: abuse[at]bellsouth.net

1951203198 ( 70.159.7.113 ) To: thisisspam[at]bellsouth.net

:excl:

PS. Check the cbl block, this is a relisting and it may still be a Linux related problem if I read them right. Someone here may come up with better explanations given this new data.

Interestingly, sorbs BL confirms my initial conclusion:

Address and Port: 70.159.7.113

Record Created: Tue Aug 15 22:27:37 2006 GMT

Record Updated: Fri Oct 6 10:32:01 2006 GMT

Additional Information: spam Sending Trojan or Proxy attempted to send mail from/to from=<debrafjymeeks[at]biblical.edu> to=<keith.hyde[at]paticipating.domain>

Currently active and flagged to be published in DNS

If you wish to request a delisting please do so through the Support System.

Edited by dra007

Share this post


Link to post
Share on other sites
Then I'm totally makin' up stuff from my butt just for fun! Really, earlier this week, I said, "I should find a cool website I've never heard of before, tell them some lies, day after day after day, taking up my time, just for fun."

??? Trying to work with the data you've offered, also conditioned by our admission that you know next to nothing on the whole subject of networking, e-mail, protocols, handshaking, etc., etc., etc.

Current status;

http://www.spamcop.net/w3m?action=blcheck&...ip=70.159.7.113

70.159.7.113 listed in bl.spamcop.net (127.0.0.2)

If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 22 hours.

Causes of listing

System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

SpamCop users have reported system as a source of spam less than 10 times in the past week

http://www.senderbase.org/?searchBy=ipaddr...ng=70.159.7.113

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day ........ 4.6 .. 1731%

Last 30 days .. 3.8 .... 152%

Average ........ 3.4

Real-time blacklists [ Click to view all ]

dnsbl.sorbs.net Web - http://www.dnsbl.sorbs.net/cgi-bin/lookup?IP=70.159.7.113

bl.spamcop.net http://spamcop.net/w3m?action=checkblock&ip=70.159.7.113

cbl.abuseat.org http://cbl.abuseat.org/lookup.cgi?ip=70.159.7.113

Report History:

-----------------------------------------------

Submitted: Friday, October 06, 2006 6:32:07 AM -0500:

Re: warning

1953856747 ( 70.159.7.113 ) To: thisisspam[at]bellsouth.net

1953856739 ( 70.159.7.113 ) To: abuse[at]bellsouth.net

-----------------------------------------------

Submitted: Wednesday, October 04, 2006 1:44:45 PM -0500:

Fwd: YOUR LETTER

1951203217 ( 70.159.7.113 ) To: spamcop[at]imaphost.com

1951203209 ( 70.159.7.113 ) To: abuse[at]bellsouth.net

1951203198 ( 70.159.7.113 ) To: thisisspam[at]bellsouth.net

How about showing a traceroute from your keyboard/computer to your daintyrose web site? Maybe this will help explain just where this 70.159.7.113 system fits into the actual scheme of things.

Drop down to a shell level access (I believe you used the word 'terminal' before)

traceroute www.daintyrose.net

copy / paste the results ....

dang it .. on a Ubuntu system .. doesn't fly ...

tracepath www.daintyrose.net

<snip the server data I'm playing with>

2: suwC1-gig4-1-4.qualitytech.com (216.154.207.21) 1.026ms

3: suw03-gig1-2.qualitytech.com (216.154.207.18) 0.714ms

4: gig6-2.suwangaeq01w.cr.deltacom.net (66.35.174.165) 0.736ms

5: pos5-0.atlngapk24w.cr.deltacom.net (66.35.174.105) 1.470ms

6: g0-9.na21.b000192-0.atl01.atlas.cogentco.com (205.198.2.161) 2.000ms

7: g1-0.3555.core01.atl01.atlas.cogentco.com (66.250.11.173) 2.061ms

8: p10-0.core01.iah01.atlas.cogentco.com (154.54.5.89) 32.645ms

9: g0-2.na21.b015619-0.iah01.atlas.cogentco.com (66.28.64.66) 34.528ms

10: Everyones_Internet.demarc.cogentco.com (38.112.25.22) asymm 12 33.743ms

11: gphou-66-98-241-28.ev1.net (66.98.241.28) asymm 13 33.887ms

12: 66.98.240.103 (66.98.240.103) 34.026ms

13: no reply

<snip repeats>

31: no reply

Too many hops: pmtu 1500

Resume: pmtu 1500

Using SamSpade for Windows;

10/07/06 08:59:20 Slow traceroute www.daintyrose.net

Trace www.daintyrose.net (67.15.104.25) ...

129.250.2.26 RTT: 43ms TTL: 0 (p16-0-1-2.r20.dllstx09.us.bb.gin.ntt.net ok)

129.250.2.59 RTT: 43ms TTL: 0 (ae-0.r21.dllstx09.us.bb.gin.ntt.net ok)

129.250.3.63 RTT: 51ms TTL: 0 (xe-0-0-0.r21.hstntx01.us.bb.gin.ntt.net ok)

129.250.2.231 RTT: 47ms TTL: 0 (xe-4-1.r04.hstntx01.us.bb.gin.ntt.net ok)

129.250.10.230 RTT: 49ms TTL: 0 (ge-7.ev1.hstntx01.us.bb.gin.ntt.net ok)

66.98.240.103 RTT: 49ms TTL: 0 (No rDNS)

67.15.104.25 RTT: 46ms TTL: 46 (www.daintyrose.net ok)

Share this post


Link to post
Share on other sites
That's a much more helpful error message. Wish I got it earlier. It's still in the pop up box thing. And the email wasn't "too long" it was like a sentence of text sent in text format (I hate html emails).

It would be useful if you tried sending to different email addresses on different systems while using that setup. That way, you could see if the "too long" or the blocking was happening regardless of which system you're trying to send to. If yes, then that message is coming from either the Mochahost server or from somewhere more local to you (such as BellSouth, who "owns" and administers the IP in the message.

DavidT, "catchall"? There is an administrator email. I don't ever check it.

I think you *do* have a catchall..I just sent a message to a bogus address at your domain and it didn't bounce. I'm guessing that it's been routed to that "administator" email box you mentioned. Here's the MochaHost article on turning off the catchall function:

http://www.mochasupport.com/sys/faq/index....hlight=catchall

It's *much* better NOT to use a catchall. It's better to explicitly set up mailboxes and forwarding aliases as needed.

DT

Share this post


Link to post
Share on other sites

Thanks Dra077!

You know, I've been trying to use the data you've been giving me. It started in August, when we moved into these dorms. But... I didn't move into Berry in August, I was just living on a different section of campus and there was barely anyone on campus. So, anyway, as I was saying, it started in August, when everyone moves into the dorms.

And everyone in my dorm HAS THAT SAME 70.x.x.x IP ADDRESS. So if they're doing weird things, the internet is going to think it's me JUST as much as it is them.

Someone menchioned that the 70.x.x.x address was a SonicWall IP so I went to SonicWall and asked them about it... https://forum.sonicwall.com/showthread.php?p=19466 (I'm daynah... I originally try to as that join here... but my email messed up! ha!) Basically, they say, that the 70.x.x.x is the outer telephone number, and my 10.x.x.x is my inner redirecting one.

But every website sees me as 70.x.x.x and so is everyone else in this dorm. So someone else that is just as much 70.x.x.x as I am is doing a mail borg but I'm not.

SonicWall people think it's plausible, do you think it's plausible? Because in the end, if it is plausible, I'm going to need some sort of letter from SpamCop saying, "Yeah, this dorm does have a problem (spam reports,ect), you need to take care of it (notice that my dorm's ip is on the bl)." because they aren't just going to listen to just me. And I'm probably the only person in this little area that uses something other than webmail of some sort (be it my college's or a web gmail or yahoo), thus who notices.

PS, Berry Tech a day or two ago sent out an email saying they were having a "spam problem." Of course, of course, it was JUST RECEIVING spam. The tech guy was also convinced that 70.x.x.x was an ip from someone other than the college, even though many people have confirmed it is me, and SonicWall has explained how I can "have two" and how I can share one. Just thought it was humorous.

Because there's no computers connected to daintyrosesmtp right now... and there's still spam coming out. So that doesn't make much sense. As you can see DavidT, I'm starting to believe that it's someone on my network as opposed to my server. I mean, mochahost does insane cleanups of the servers all the time, and have been emailing me to see if I've gotten it resolved (they don't want me being a borg and it looking like it's coming from a mochahost address). I will turn off the catchall immediately after I post this, I haven't been taking any advice for granted. It's just that all of the little tid bits about this seem to have fit together, even though people have been focusing and been making big long posts about all the other mysteries. Trust me, if were the borg computer, the problem would be in my control, so I'd be able to fix it faster.

Share this post


Link to post
Share on other sites
I will turn off the catchall immediately after I post this
That's great, but please make sure that you still implement all of the aliases required of you by RFC2142.

Share this post


Link to post
Share on other sites

Well, it's like this .. you are as confused about things as much as your 'local tech support' seems to be.

Once again, the previously referenced .grc site attempts to explain to you what a router is, how it works, why you have a 10.x.x.x address but 70.x.x.x is showing up elsewhere. Sorry you can't be bothered with the details.

Yet again, pointing out that the output server IP address for your (alleged) daintyrose.net e-mail SMTP service is still unidentifed.

As the only 'evidence' yet provided in "e-mail with a problem" has been referencing the 70.x.x.x IP address, I am still suggesting that you are running an SMTP server on your computer, and that's where the problems are coming from. Again, the "error message that pops-up and talks about checking your e-mail address/settings" has no direct connection to a listing in the SpamCopDNSBL ....

Yes, you are causing a number of folks to spin their wheels in trying to help you out ....

Because there's no computers connected to daintyrosesmtp right now... and there's still spam coming out. So that doesn't make much sense. As you can see DavidT, I'm starting to believe that it's someone on my network as opposed to my server. I mean, mochahost does insane cleanups of the servers all the time, and have been emailing me to see if I've gotten it resolved (they don't want me being a borg and it looking like it's coming from a mochahost address). I will turn off the catchall immediately after I post this, I haven't been taking any advice for granted. It's just that all of the little tid bits about this seem to have fit together, even though people have been focusing and been making big long posts about all the other mysteries. Trust me, if were the borg computer, the problem would be in my control, so I'd be able to fix it faster.

Where are you seeing "any" e-mail leaving daintyrose.net?

Your "only now beginning to believe" seems a bit odd .. that's what I was suggesting way back in the beginning and have repeated numerous times. .... multiple infected computers on "your" side of the network, possibly even more folks also running their own SMTP services, known or not ....

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×